-blog-

Fresh insights weekly

DevOps, DevSecOps, IT Infrastructure and Static Analysis

DevOps Tips
Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

Read post
Arrow pointing right
DevOps Tips
Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

Read post
Arrow pointing right
All
Product Updates
In The News
DevOps Tips
Cyber Security
DevOps Tips
Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

DevOps Tips
Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

Product Updates
Announcement: Support for OpenTelemetry Collector

CoGuard CLI adds configuration file security scanning support for OpenTelemetry users. CoGuard provides OpenTelemetry users an automated pre-deployment security scanning tool that identifies and scans Collector configuration files and their dependencies for known misconfigurations and vulnerabilities.

Product Updates
Add security configuration analysis to your Pipelines using Jenkins Scripts

The goal of this article is to serve as a tutorial on the creation of Jenkins Scripts to add security configuration analysis using CoGuard-CLI to your Jenkins Pipeline.

DevOps Tips
What are our resources in the cloud?

Generating and maintaining a list of cloud resources is a challenge for DevOps and IT departments that are not using IaC. We look at how to generate a list of resources and configurations across providers (AWS, GCP, Azure, etc.) and include ways to make the list portable using TerraForm.

DevOps Tips
How to Include CoGuard CLI into BitBucket Pipelines

In this short article, we are going to show you an example script on how to include CoGuard’s CLI functionality into your BitBucket Pipelines.

DevOps Tips
The Infrastructure as Code disruption is not done yet…It is just getting started!

IaC adoption is still in progress, there are several ways of working that are common in the programming world are still not fully applied to it and have great potential to help us build more reliable, scalable and secure infrastructures.

Cyber Security
The different flavours of Docker image security

This article focuses on outlining the difference between some of the common image security scanners out there, what they are scanning for, and what the major differences are.

In The News
The Canada wide Rogers outage on July 8, 2022: What exactly happened & how can it be prevented?

This article discusses what happened to cause the Roger's outage on July 8th 2022, why it took an entire day to get their systems back online and how to prevent this moving forward.

DevOps Tips
How to verify your downloads in Docker builds

This article is focussed on how to ensure that downloads via `curl` or `wget` are being verified correctly and provides our solution for checking if you forgot to verify signatures.

DevOps Tips
Creating a Dockerfile? These are 7 things you should not forget!

This checklist will help you prevent certain deploy-errors or even outages in the future when working with Docker or Dockerfiles. To help you get started, we have also included a template.

Product Updates
Introducing CoGuard's free & quick CLI tool: Take a deep dive into your Docker images in seconds!

We have created a simple tool that automates the discovery of configuration files inside containers and scans them in for security and quality vulnerabilities and if any are found, fix instructions are provided-in seconds!

Product Updates
CoGuard is not just another security vulnerability scanner.....Really!

Many organizations employ tools to help secure their code, but completely forget about their configurations. This is where CoGuard comes in to help!

DevOps Tips
MySQL in AWS RDS is NOT automatically following CIS benchmarks!

When using AWS, the RDS service allows for many different SQL engines, including Oracle’s MySQL. Here are some of the things you need to consider and possibly fix before using the RDS instance because out of the box does not mean it's secure!

DevOps Tips
How Well Documented is Your IT Infrastructure?

Do you know what you have in your IT infrastructure?What’s your inventory? What’s installed? Do you know? Whose responsibility on your team is it to keep track of what's in your IT infrastructure and how it got there?

DevOps Tips
Your web server needs to be configured to never compress and encrypt at the same time

Common practice is to not use TLS and always keep using the latest version of the protocol, however, there is one danger that needs to be carefully considered: Compression.

DevOps Tips
Do you really want to deploy that dirty AWS default Kafka (MSK) configuration?

Kafka is s a well-engineered scalable messaging system, but along with it comes a large number of different configurations and one in particular that you need to look out for.

DevOps Tips
The one Kubernetes CIS benchmark check that needs to be included in ECS

Orchestration systems like ECS or Kubernetes are generally complex, making security holes easy to introduce. Read more to learn of a serious security vulnerability and how to avoid it.

Cyber Security
Setting Up CloudFront? You may have forgotten this commonly left out step

The security headers in the CloudFront responses is one of the top 10 OWASP security recommendations that we see missing in 75% of login portals we look at. Why is this?

Cyber Security
Services are allowed to run in an insecure way. Why is that, and what can we do about it?

From our experience, it takes teams at least three times longer to set up a service in a secure way compared to the initial “just make it work” setup, but it doesn't have to stay this way!

DevOps Tips
How to configure software (and how you had better not!)

Here are some tips and tricks on how to configure your software and what to avoid.

Product Updates
Announcement: Support for OpenTelemetry Collector

CoGuard CLI adds configuration file security scanning support for OpenTelemetry users. CoGuard provides OpenTelemetry users an automated pre-deployment security scanning tool that identifies and scans Collector configuration files and their dependencies for known misconfigurations and vulnerabilities.

Product Updates
Add security configuration analysis to your Pipelines using Jenkins Scripts

The goal of this article is to serve as a tutorial on the creation of Jenkins Scripts to add security configuration analysis using CoGuard-CLI to your Jenkins Pipeline.

Product Updates
Introducing CoGuard's free & quick CLI tool: Take a deep dive into your Docker images in seconds!

We have created a simple tool that automates the discovery of configuration files inside containers and scans them in for security and quality vulnerabilities and if any are found, fix instructions are provided-in seconds!

Product Updates
CoGuard is not just another security vulnerability scanner.....Really!

Many organizations employ tools to help secure their code, but completely forget about their configurations. This is where CoGuard comes in to help!

In The News
The Canada wide Rogers outage on July 8, 2022: What exactly happened & how can it be prevented?

This article discusses what happened to cause the Roger's outage on July 8th 2022, why it took an entire day to get their systems back online and how to prevent this moving forward.

DevOps Tips
Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

DevOps Tips
Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

DevOps Tips
What are our resources in the cloud?

Generating and maintaining a list of cloud resources is a challenge for DevOps and IT departments that are not using IaC. We look at how to generate a list of resources and configurations across providers (AWS, GCP, Azure, etc.) and include ways to make the list portable using TerraForm.

DevOps Tips
How to Include CoGuard CLI into BitBucket Pipelines

In this short article, we are going to show you an example script on how to include CoGuard’s CLI functionality into your BitBucket Pipelines.

DevOps Tips
The Infrastructure as Code disruption is not done yet…It is just getting started!

IaC adoption is still in progress, there are several ways of working that are common in the programming world are still not fully applied to it and have great potential to help us build more reliable, scalable and secure infrastructures.

DevOps Tips
How to verify your downloads in Docker builds

This article is focussed on how to ensure that downloads via `curl` or `wget` are being verified correctly and provides our solution for checking if you forgot to verify signatures.

DevOps Tips
Creating a Dockerfile? These are 7 things you should not forget!

This checklist will help you prevent certain deploy-errors or even outages in the future when working with Docker or Dockerfiles. To help you get started, we have also included a template.

DevOps Tips
MySQL in AWS RDS is NOT automatically following CIS benchmarks!

When using AWS, the RDS service allows for many different SQL engines, including Oracle’s MySQL. Here are some of the things you need to consider and possibly fix before using the RDS instance because out of the box does not mean it's secure!

DevOps Tips
How Well Documented is Your IT Infrastructure?

Do you know what you have in your IT infrastructure?What’s your inventory? What’s installed? Do you know? Whose responsibility on your team is it to keep track of what's in your IT infrastructure and how it got there?

DevOps Tips
Your web server needs to be configured to never compress and encrypt at the same time

Common practice is to not use TLS and always keep using the latest version of the protocol, however, there is one danger that needs to be carefully considered: Compression.

DevOps Tips
Do you really want to deploy that dirty AWS default Kafka (MSK) configuration?

Kafka is s a well-engineered scalable messaging system, but along with it comes a large number of different configurations and one in particular that you need to look out for.

DevOps Tips
The one Kubernetes CIS benchmark check that needs to be included in ECS

Orchestration systems like ECS or Kubernetes are generally complex, making security holes easy to introduce. Read more to learn of a serious security vulnerability and how to avoid it.

DevOps Tips
How to configure software (and how you had better not!)

Here are some tips and tricks on how to configure your software and what to avoid.

Cyber Security
The different flavours of Docker image security

This article focuses on outlining the difference between some of the common image security scanners out there, what they are scanning for, and what the major differences are.

Cyber Security
Setting Up CloudFront? You may have forgotten this commonly left out step

The security headers in the CloudFront responses is one of the top 10 OWASP security recommendations that we see missing in 75% of login portals we look at. Why is this?

Cyber Security
Services are allowed to run in an insecure way. Why is that, and what can we do about it?

From our experience, it takes teams at least three times longer to set up a service in a secure way compared to the initial “just make it work” setup, but it doesn't have to stay this way!

Book you seat in the webinar.

Tellus sed sit sit volutpat vitae. At gravida tellus magnis integer mollis augue ullamcorper.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Static analysis
for config files

Automated tools for discovering, scanning and securing the configuration files for IaC, containers, applications and their interdependencies.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Book Demo
© 2021-2022 All rights reserved Heinle Solutions Inc.